ASP.NET MVC Windows Authentication 403 Forbidden: Access is denied - asp.net-mvc

I'm developing an ASP.NET MVC 2 app using Windows Authentication. When I run it within Visual Studio (using the built-in IIS), under the same domain, I was able to login using my credential. But when I deployed it to the server, which is also on the same domain, in-house, I got the "403 - Forbidden: Access is denied." error.
I notice that when running it from within Visual Studio, opening the site from IE automatically logs me on, no prompts. But when trying to access it from the server (again, on the same domain), IE prompts me to log-on, and eventually gave the 403 error.
I'm not sure if there are extra settings that I need to do on my app, on the server, or both?

Did you change the Application Pool to run under a privileged account?

Related

Visual studio project in samba network drive results in IIS express permission denied

I have created a ASP.NET Web Application project. When I click the "IIS express" button in Visual Studio I get the following in the browser:
Access is denied.
Description: An error occurred while accessing the resources required to serve this request. You might not have permission to view the requested resources.
Error message 401.3: You do not have permission to view this directory or page using the credentials you supplied (access denied due to Access Control Lists). Ask the Web server's administrator to give you access to 'H:\mypath'.
If I move my project to somewhere on C: then everything works as expected.
H: is mapped to a samba share on a Linux host.
I believe that IIS express is expected to run as the current user when started like this, so in that case the samba credentials should not be the problem.
So...how do I solve this problem?

ASP.NET MVC Web Application Running on IIS with Entity Framework Trying to Retrieve Oracle Data

Here is the error message I got:
The underlying provider failed on Open.
I have been trying to figure out why an error occurs when trying to access Oracle via Entity Framework from ASP.NET MVC Web Application running on IIS 8.5.9600.16384 using Windows Authentication. I've tried everything from adding NT AUTHORITY\NETWORK SERVICE, NT AUTHORITY\SYSTEM or just NETWORK SERVICE schemas to Oracle, changing DTC settings on IIS, changing Application Pool's Identity, removing and installing Oracle Client as well as ODT with ODAC on both the workstation and the web server and just about everything I can find on the first few pages of this Google search results.
Upon further investigation of the error, I noticed that the web application has spitted out an inner exception message which reads as follows:
ORA-01017: invalid username/password; logon denied
The trace log for Oracle.ManagedAccess.Client shows that the correct Windows Username is trying to login.
I've used an Oracle schema credentials (User Id=USERID;Password=<password>;) to connect instead of the Windows Authentication (User Id=/;), and the test was proven to be successful. However, this won't do me any good as I need to have each Windows user connect under his/her own Oracle schema due to my database environment requirements.
How can I make this work with the Windows Authentication?

Ngrok + IIS Express and Windows Authentication

Im trying to expose a web application I have developed in ASP.NET MVC 5 through ngrok and Im having no luck with the Windows Authentication. My plan was to test the app using other VMs with IE8 (insert rage here) and a few mobile devices connecting through ngrok.
My setup details are as follows.
VM with Server 2008 (Domain Controller), Visual Studio 2013, SQL etc and development tools
Domain XYZ setup in VM with test users
The Web App is running by F5'ing VS in IIS Express and uses Windows Authentication. IIS express is configured to support Windows Authentication.
I have configured ngrok bindings in the applicationhost config file and also run the netsh command "netsh http add urlacl url=URLPLUSPORT user=everyone"
I can access and use/debug the app fine on the VM using localhost, this has always worked. However, when I run ngrok and then access the app from outside the VM I get the login credential prompt (was expecting this). I enter the correct user/password and I still get 401 Unauthorised and cannot access the app.
Can anyone help? Do I need any extra configuration to allow the authentication to pass through? Is this even possible?
I am pretty much stumped right now and the ngrok site is down although I cant imagine there is much documentation on this scenario :(
Thanks for your help

Azure Mobile Service hosted locally on IIS Express not acessable from a remote machine on same subnet

Implementing the steps here: http://azure.microsoft.com/en-us/documentation/articles/mobile-services-dotnet-backend-how-to-configure-iis-express/
I tried to access the mobile service REST interface from iOS, Android and Windows based applications running on a remote machine performing GETs and POSTS all requests result in an "authorization has been denied for this request" response.
I am able to navigate to the mobile service website from the remote machine mentioned above, which is on the same subnet as the mobile service, however when clicking on the "try it out" link I am prompted to enter credentials. I tried entering the mobile service key, windows credentials and the credentials used when setting up the database none worked all resulted in a re-prompt for credentials.
The same Android and Windows applications work without issue when running on the machine the mobile service is running on. I have to use 10.0.2.2 for android app running in the emulator to get the loopback to work but otherwise the code is unchanged.
The azure mobile service is running in the debugger using Visual Studio 2013 with Update 3. Visual Studio was launched as an admin.
All three apps iOS, Android and Windows can access the same mobile service when its running in Azure (Cloud).
I have read that the mobile service, running in IISExpress, allows anonymous requests originating from localhost but I have not seen any mention about how to configure authentication when accessing remotely or if any adjustments are needed to authenticate properly.
Any ideas?
Remote access for IIS Express is initially blocked
On Vista and Win7 or Win 8 run the following command with administratice Privileges
netsh http add urlacl url=http://xxxxx:port/ user=everyone

VS2012 Web project runs in VS Dev Server, but not in IIS

I have an MVC v3 project I've inherited. (I'm not that familiar with web stuff.) The project runs fine in Debug mode using the Visual Studio Development Server.
However, whenever I try to run it via IIS locally, it fails with 401.0 Unauthorized. "You do not have permission to view this directory or page".
I have read pages and pages and tried many options to no avail, such as:
configured the following users to have full control of my code project folder (Everyone, IUSR, NETWORK SERVICE, ASP.NET, me, IIS_IUSRS, DefaultAppPool)
checked that I have <modules runAllManagedModulesForAllRequests="true"> in web.config
configured an Application Pool using .NET v4 / Integrated.
configured a new Site in IIS Manager using port 81 and my custom Application Pool
tried Pass-through authentication or nominating myself as a specific user.
The error occurs in IE, Chrome and FF.
Detailed Error Message
HTTP Error 401.0 - Unauthorized
You do not have permission to view this directory or page.
Module ManagedPipelineHandler
Notification ExecuteRequestHandler
Handler System.Web.Mvc.MvcHandler
Error Code 0x00000000
Requested URL http://localhost:81/
Physical Path F:\Serko\Code\Analytics\SERKO.Analytics.Web
Logon Method Anonymous
Logon User Anonymous
Environment
Windows 7 Ultimate, VS2012, IIS7.5
I do not have much hair left to pull out. Any idea why this does not run in IIS?

Resources